package jdbc;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.util.Scanner;

/**
 * 执行预编译SQL语句 为了防止起歧义，使用问号占位符
 */
public class JDBCDemo8 {
    public static void main(String[] args) {
        System.out.println("欢迎注册");
        Scanner scanner = new Scanner(System.in);
        System.out.println("请输入用户名:");
        String username = scanner.nextLine();
        System.out.println("请输入密码:");
        String password = scanner.nextLine();
        try (Connection connection = DBUtil.getConnection();){
            String sql = "SELECT id,username,password,age " +
                          "WHERE username=? AND password=?";
            PreparedStatement ps=connection.prepareStatement(sql);
            ps.setString(1, username);
            ps.setString(2, password);
            ResultSet rs=ps.executeQuery();
            if(rs.next()){
                System.out.println("登录成功");
            }else{
                System.out.println("登录失败");
            }

        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

